Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132342e302f32342d3234203d3e20333938373034.roa
File: 3135322e38392e3132342e302f32342d3234203d3e20333938373034.roa (raw, json)
Hash identifier: 0Ju47Ei9/3yC3S9nXi05aJEeSlQ9xVOjmvEVmMuj3AY=
Subject key identifier: B5:DE:E6:39:EE:35:31:B7:70:FA:43:D4:F5:C1:2D:D7:40:97:E5:F3
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 78B5D2482B2B96520F90B773D9D82B81391DB056
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132342e302f32342d3234203d3e20333938373034.roa
Signing time: Mon 19 May 2025 10:36:15 +0000
ROA not before: Mon 19 May 2025 10:31:15 +0000
ROA not after: Mon 18 May 2026 10:36:15 +0000
asID: 398704
IP address blocks: 152.89.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b5:d2:48:2b:2b:96:52:0f:90:b7:73:d9:d8:2b:81:39:1d:b0:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 19 10:31:15 2025 GMT
Not After : May 18 10:36:15 2026 GMT
Subject: CN=B5DEE639EE3531B770FA43D4F5C12DD74097E5F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f8:73:b2:d8:75:b5:16:f9:ec:c2:14:98:d5:
fc:54:57:d7:cf:af:19:c6:13:40:80:31:32:23:5d:
d8:1f:53:38:c1:b8:85:e7:ee:a4:a1:b5:9e:23:83:
20:38:dc:e9:27:ec:2d:95:6c:6c:e9:0d:60:ef:2b:
6f:c0:a7:6d:b7:05:9a:20:8a:0b:5b:60:63:de:cb:
c1:bb:78:fa:e2:c8:70:b5:f3:b1:7f:83:d0:c2:d2:
fb:57:90:a7:13:25:96:56:34:ed:3b:db:cc:4c:ca:
2c:0a:8f:60:60:07:ab:a1:d5:24:3b:b6:c3:1f:fc:
6d:a6:e1:f1:73:c7:e6:15:46:46:82:28:29:db:d2:
ca:7f:c8:49:37:c3:c2:09:80:4f:37:e8:5a:ea:0e:
c9:ae:21:69:ee:e7:5b:79:9c:18:b3:f0:cb:2e:84:
03:8e:6c:51:53:84:fd:cd:38:52:36:ae:7d:ef:d9:
89:2e:34:ad:1d:38:b5:fe:01:d3:8f:37:a8:62:e8:
c3:7e:d5:df:d8:1e:3b:fe:d3:a4:a0:65:cc:b5:c2:
da:22:13:1d:a8:32:6d:f2:97:ee:ca:93:48:42:67:
73:8b:7d:96:5a:25:46:b6:88:b2:d2:15:df:54:12:
ae:75:02:a9:2e:a1:d0:c6:14:1e:96:04:90:e7:74:
7a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DE:E6:39:EE:35:31:B7:70:FA:43:D4:F5:C1:2D:D7:40:97:E5:F3
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3135322e38392e3132342e302f32342d3234203d3e20333938373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.124.0/24
Signature Algorithm: sha256WithRSAEncryption
31:01:74:e7:39:39:02:89:d7:16:87:a5:9e:79:1b:19:cb:9d:
ef:58:53:31:4b:e0:70:2a:d1:28:8f:83:29:bf:83:49:3b:96:
0e:e1:47:b0:5b:51:c0:94:1b:1f:6a:75:7d:01:6e:b9:be:06:
1c:98:69:19:74:79:fe:ba:0c:99:33:bf:6f:25:6b:dc:6c:4c:
99:fa:e0:ec:4a:a7:43:f5:9a:bd:a4:8a:ee:6e:f0:47:1c:71:
d8:a6:62:7c:79:77:8b:6d:6c:3f:34:32:c5:f8:b1:30:64:19:
1e:62:fa:81:dd:f4:97:1f:8a:b0:dd:98:2a:c3:5f:47:d8:83:
41:f6:30:45:d8:40:f1:b4:59:37:08:65:ba:50:55:4d:5e:1f:
7a:8e:d0:9d:83:c4:4d:34:62:00:09:80:ba:90:5b:d0:7e:bb:
c0:39:e8:1a:72:36:b0:1b:a3:a8:9e:e1:5c:48:29:dd:71:8e:
ba:c3:fd:9c:9f:c6:2a:e8:34:d8:9e:40:0e:10:70:f9:2a:be:
25:cb:39:21:25:81:e2:5b:26:f4:6a:05:d5:42:3c:8b:8a:ea:
9f:68:cf:24:ef:55:b7:39:56:44:e6:d9:95:0d:53:6e:ea:49:
5c:23:ed:8f:55:36:43:97:eb:bf:4a:79:b0:cc:44:81:8d:f2:
28:4e:30:fe
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeLXSSCsrllIPkLdz2dgrgTkdsFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MTkxMDMxMTVaFw0yNjA1MTgxMDM2MTVaMDMxMTAvBgNV
BAMTKEI1REVFNjM5RUUzNTMxQjc3MEZBNDNENEY1QzEyREQ3NDA5N0U1RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu+HOy2HW1FvnswhSY1fxUV9fP
rxnGE0CAMTIjXdgfUzjBuIXn7qShtZ4jgyA43Okn7C2VbGzpDWDvK2/Ap223BZog
igtbYGPey8G7ePriyHC187F/g9DC0vtXkKcTJZZWNO0728xMyiwKj2BgB6uh1SQ7
tsMf/G2m4fFzx+YVRkaCKCnb0sp/yEk3w8IJgE836FrqDsmuIWnu51t5nBiz8Msu
hAOObFFThP3NOFI2rn3v2YkuNK0dOLX+AdOPN6hi6MN+1d/YHjv+06SgZcy1wtoi
Ex2oMm3yl+7Kk0hCZ3OLfZZaJUa2iLLSFd9UEq51AqkuodDGFB6WBJDndHpJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtd7mOe41Mbdw+kPU9cEt10CX5fMwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNTMyMmUzODM5MmUzMTMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzgzNzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACYWXwwDQYJKoZIhvcNAQELBQADggEBADEBdOc5OQKJ1xaHpZ55GxnLne9YUzFL
4HAq0SiPgym/g0k7lg7hR7BbUcCUGx9qdX0Bbrm+BhyYaRl0ef66DJkzv28la9xs
TJn64OxKp0P1mr2kiu5u8EcccdimYnx5d4ttbD80MsX4sTBkGR5i+oHd9JcfirDd
mCrDX0fYg0H2MEXYQPG0WTcIZbpQVU1eH3qO0J2DxE00YgAJgLqQW9B+u8A56Bpy
NrAbo6ie4VxIKd1xjrrD/ZyfxiroNNieQA4QcPkqviXLOSElgeJbJvRqBdVCPIuK
6p9ozyTvVbc5VkTm2ZUNU27qSVwj7Y9VNkOX679KebDMRIGN8ihOMP4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:46:22 2025 by rpki-client